Retire old security model for smart contracts #6767
Assignees
Milestone
Comments
This was referenced May 24, 2023
2 tasks
david-bakin-sl
added a commit
that referenced
this issue
Jun 12, 2023
…ure-check block limit to LOW (#6960) - Set `contracts.maxNumWithHapiSigsSuccess` to `0` to disable old security model. - Ensure (appropriate) unit tests check both low and high limits. * In fact the unit tests don't test this feature at all, just have to be corrected for mockability. - "Fix" BDD tests by ... making them pass for the V1 security model - ⮕ Does **not** have new BDD tests for the V2 security model to _replace_ the ones that now really only work for the V1 security model - There are some of those created when the V2 security model was created but there needs to be a more comprehensive set - ⮕ Does **not** confirm that _negative_ tests in the same affected suites (or elsewhere for that matter) return failure (that is, the transaction returns failure so the test returns success) _for the right reason_. - I.e., some of them may now be failing due to a V2 security model violation and _not_ because of the reason they're _supposed_ to fail Addresses #6767 Signed-off-by: David Bakin <117694041+david-bakin-sl@users.noreply.github.com> Signed-off-by: Stoyan Panayotov <stoyan.panayotov@limechain.tech> Co-authored-by: Stoyan Panayotov <stoyan.panayotov@limechain.tech>
2 tasks
2 tasks
|
(see that comment right above "david-bakin-sl linked a pull request yesterday that will close this issue"? well, that PR was merged and it didn't close this issue. what's up with that, Github? closing it manually) |
edward-swirldslabs
pushed a commit
that referenced
this issue
Jun 14, 2023
…ure-check block limit to LOW (#6960) - Set `contracts.maxNumWithHapiSigsSuccess` to `0` to disable old security model. - Ensure (appropriate) unit tests check both low and high limits. * In fact the unit tests don't test this feature at all, just have to be corrected for mockability. - "Fix" BDD tests by ... making them pass for the V1 security model - ⮕ Does **not** have new BDD tests for the V2 security model to _replace_ the ones that now really only work for the V1 security model - There are some of those created when the V2 security model was created but there needs to be a more comprehensive set - ⮕ Does **not** confirm that _negative_ tests in the same affected suites (or elsewhere for that matter) return failure (that is, the transaction returns failure so the test returns success) _for the right reason_. - I.e., some of them may now be failing due to a V2 security model violation and _not_ because of the reason they're _supposed_ to fail Addresses #6767 Signed-off-by: David Bakin <117694041+david-bakin-sl@users.noreply.github.com> Signed-off-by: Stoyan Panayotov <stoyan.panayotov@limechain.tech> Co-authored-by: Stoyan Panayotov <stoyan.panayotov@limechain.tech>
agadzhalov
pushed a commit
that referenced
this issue
Jun 26, 2023
…ure-check block limit to LOW (#6960) - Set `contracts.maxNumWithHapiSigsSuccess` to `0` to disable old security model. - Ensure (appropriate) unit tests check both low and high limits. * In fact the unit tests don't test this feature at all, just have to be corrected for mockability. - "Fix" BDD tests by ... making them pass for the V1 security model - ⮕ Does **not** have new BDD tests for the V2 security model to _replace_ the ones that now really only work for the V1 security model - There are some of those created when the V2 security model was created but there needs to be a more comprehensive set - ⮕ Does **not** confirm that _negative_ tests in the same affected suites (or elsewhere for that matter) return failure (that is, the transaction returns failure so the test returns success) _for the right reason_. - I.e., some of them may now be failing due to a V2 security model violation and _not_ because of the reason they're _supposed_ to fail Addresses #6767 Signed-off-by: David Bakin <117694041+david-bakin-sl@users.noreply.github.com> Signed-off-by: Stoyan Panayotov <stoyan.panayotov@limechain.tech> Co-authored-by: Stoyan Panayotov <stoyan.panayotov@limechain.tech>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When new and improved security model introduced there was a "grandfather" period for older contracts, to give contract owners (development organizations) time to adjust to the new model. That period is ending, so turn off the old security model.
The text was updated successfully, but these errors were encountered: